Filtering libvirt XML in Nova

I saw a request from a customer float by the other day regarding the
ability to filter the XML used to create Nova instances in libvirt.
The customer effectively wanted to blacklist a variety of devices (and
device types). The consensus seems to be “you can’t do this right now
and upstream is unlikely to accept patches that implement this
behavior”, but it sounded like an interesting problem, so…

This is a fork of Nova (Juno) that includes support for an extensible
filtering mechanism that is applied to the generated XML before it
gets passed to libvirt.

How it works

The code uses the stevedore module to handle locating and loading
filters. A filter is a Python class that implements a filter
method with the following signature:

def filter(self, xml, instance=None, context=None)

The code in nova.virt.libvirt.domxmlfilters collects all filters
registered in the nova.filters.domxml namespace, and then runs them
in sequence, passing the output of one filter as the output to the
next:

And that’s it. This is almost entirely untested. While it works in
some cases it doesn’t work in all cases, and it’s unlikely that I’m
going to update this to work with any future version of Nova. This
was really just an exercise in curiosity. Enjoy!